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DETAILED ACTION 

i 

Terminal Disclaimer 

1 . The terminal disclaimer filed on March 8, 2007 disclaiming the terminal portion of 

i 

any patent granted on this application that would extend beyond the expiration date of 

*• 

US Application No. 10/746,667 has been reviewed and is accepted. The terminal 
disclaimer has been recorded. 

Cte/m Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 

of such treaty in the English language. 

i 

3. Claims 1-20 are rejected under 35 U.S.C. 102(e) as being anticipated by Lee et 
al. f US Patent 6,996,677 (herein after referred to as Lee). 

4. Referring to claim 1, Leie has taught a method, comprising: 

a. encountering a function call instruction that calls a called function during 

program execution (abstract, column 2, lines 29-50, jump routine); 

i 

b. saving a return address in a first stack and in a second stack at the same 
time, the return address containing an instruction to be executed after execution 
of the called function (abstract, lines 19-22, column 2, lines 29-50, A return 



! 



I 

* 

t 
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address is saved in a first stack and a second stack upon encountering a jump 
routine.); ' 

c. executing the called function (abstract, column 2, lines 29-50, A jump to 

i 

subroutine is executed.); and 

■ 
■ 

d. determining if the return address stored in the first stack matches the 

i 

return address stored in the second stack to provide protection from a buffer 
overflow attack (abstract, column 2, lines 29-50, first comparator and second 
comparator). 

m 

5. Referring to claim 2, Lee has taught the method of claim 1 , as described above, 
and further comprising generating an exception if the return addresses do not match 

(abstract, column 2, lines 29-50, An interrupt signal is generated if the addresses are 

i 

not the same.). , 

6. Referring to claim 3, Lee has taught the method of claim 2, as described above, 
and further comprising executing exception handling code if an exception was 
generated (abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18. column 
5, lines 38-41, column 6, lines 59-column 7, line 40, Exception handling software is 
continually executed by the protection co-processor.). 

7. Referring to claim 4, Lee has taught the method of claim 3, as described above, 
and wherein the exception handling code determines what value to pass to a program 

i 

pointer based on the return address retrieved from each of the first and second stack 
(abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18. column 5, lines 38- 

41 , column 6, lines 59-column 7, line 40, When the values retrieved from both stacks 

i 

r 

! 

I 

f 
t 

I 

I 



I 

I 

I 
I 
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are equal, then the program counter is updated with the current return address value, 
otherwise an exception is generated to pass the correct value to the program counter.). 

i 

i 

8. Referring to claim 5, Lee has taught the method of claim 3, as described above, 

i 

and wherein the exception handling code terminates execution of the program (abstract, 
column 2, lines 29-50, column 4, line 38-column 5, line 18. column 5, lines 38-41, 

* ► 

column 6, lines 59-column 7, line 40, The instruction to move data to the PC register is 
aborted.). ! 

9. Referring to claim 6, Lee has taught a method, comprising: 

a. processing instructions within a virtual machine (abstract, column 2, lines 
29-50, column 5, lines 39-41, A software jump/return routine is executed.); 

b. saving a return address in a first stack and in a second stack at the same 

i 

tim6, the return address being an address at which program execution is to 

i 

resume after execution of a called function (abstract, column 2, lines 29-50); 

c. comparing the return addresses saved in the first and second stack upon 
execution of the called function (abstract, column 2, lines 29-50, first 

i 

comparator); and ! 

i 

d. exiting the virtual machine if the return addresses do not match to provide 

* 

protection from a buffer overflow attack (abstract, column 2, lines 29-50, column 
4, line 38-column 5, line 18. column 5, lines 38-41, column 6, lines 59-column 7, 

i 
i 

line 40, The instruction to move data to the PC register is aborted.). 

i 

10. Referring to claim 7, Lee has taught the method of claim 6, as described above, 
and further comprising passing control to an exception handler (abstract, column 2, 

j 
I 

i 
i 

i 
i 

I 
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i 
■ 

lines 29-50, column 4, line 38-polumn 5, line 18, column 5, lines 38-41, column 6, lines 
59-column 7, line 40, An interrupt signal is generated if the addresses are not the same 

• i 

to load the PC register with a correct value.). 

i 

1 1 . Referring to claim 8, Le'e has taught the method of claim 7, as described above, 

and wherein the exception handler determines if the return address from the first stack 

i ■ 

or the return address from the 1 second stack is to be used as a value for an instruction 

i 

i 

pointer (abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18. column 5, 

i 

lines 38-41, column 6, lines 59-column 7, line 40, When the values retrieved from both 



stacks are equal, then the program counter is updated with the current return address 

i 

I 

value, otherwise an exceptionj is generated to pass the correct value to the program 
counter). 1 

12. Referring to claim 9, Lee has taught a method, comprising: 

t 

i 

a. creating first and second stacks for a program during execution of the 

i 

program (abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18, 

i 

Values for the first and, second stacks are created and pushed on the stacks 
during program execution.); 

b. . encountering a function call to a called function (abstract, column 2, lines 
29-50, column 4, line 38-column 5, line 18, jump to subroutine); 

c. storing data for the called function and a return address in the first stack 

i 

(abstract, column 2, line 29-column 3, line 15, column 3, line 54-column 4, lines 

i 

26, column 4, line 38-column 5, line 18, first stack); 
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d. storing the. return address in the second stack at the same time as the first 

stack (abstract, column 2, line 29-column 3, line 15, column 3, line 54-column 4, 

i 

lines 26, column 4, line; 38-column 5, line 18, second stack); and 

i 
i 

e. passing control of the program to an exception handler if the return 

address stored in the first stack does not match the return address stored in the 

l 

second stack upon execution of the called function to provide protection from a 

i 

buffer overflow attack (abstract, column 2, line 29-column 3, line 15, column 3, 
line 54-column 4, Iinesj26, column 4, line 38-column 5, line 18, When the 

j 

addresses do not match an exception is generated.). 



13. Referring to claim 10, Lee has taught the method of claim 9, as described above, 

i 

and wherein the exception ha'ndler determines if the return address from the first stack, 

i 

or the return address from the second stack is to be used as a value for an instruction 

i 

pointer (abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18. column 5, 

i 

lines 38-41 , column 6, lines 59-column 7, line 40, When the values retrieved from both 

stacks are equal, then the program counter is updated with the current return address 

i 

value, otherwise an exception is generated to pass the correct value to the program 

i 

counter.). ! 

i 

14. Referring to claim 1 1 , Lee has taught a processor, comprising: 

i 

a. memory management logic to allocate first and second memory locations 
corresponding to first and second stacks, respectively, when a function call 

i 

i 

instruction calls to a called function is encountered during program execution 

i 

(abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18, Values for 



Best Available Copy 

i 

i 
i 

i 
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| 

the first and second stapks are created and pushed on the stacks during program 
execution of jump to subroutines.); 

b. function call logic to write a return address to a memory location from the 

i 

first memory locations and to a memory location from the second memory 

i 

i 

■ 

locations at the same time (abstract, lines 19-22, column 2, lines 29-50, A return 
address is saved in a first stack and a second stack upon encountering a jump 
routine.), the return address being an address at which program flow is to 
resume after execution 1 of the called function (abstract, lines 19-22, column 2, 

lines 29-50, The return address is loaded into the program counter such that 

i 

i 

program flow resumes after executing a jump instruction.); and 

c. buffer overflow control logic to determine if the return address retrieved 
from the first memory locations matches the return address retrieved from the 

second memory locations, upon execution of the called function to provide 

i 
i 

protection from a buffer overflow attack (abstract, column 2, lines 29-50, first 

i 

comparator and second comparator). 

i 

1 5. Referring to claim 1 2, Lee has taught the processor of claim 1 1 , as described 

i 

i 

above, and wherein the function call logic and the buffer overflow control logic 

comprises microcode stored within the processor (column 5, lines 39-41). 

i 

16. Referring to claim 13, Lee has taught a system, comprising: 

! 

a. a memory (Figure 3, element 102); and 

b. a processor coupled to the memory (Figure 3, at least elements 101 , 140, 
142, and 144), the processor comprising memory management logic to allocate 



Best Available Copy 
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first and second memory locations corresponding to first and second stacks, 
respectively, when a function call instruction that calls a called function is 
encountered during pro'gram execution (abstract, column 2, lines 29-50, column 

i 

4, line 38-column 5, line 18, Values for the first and second stacks are created 

I , 
i 

and pushed on the stacks during program execution.); 



c. function call logic to write a return address to a memory location from the - 
first memory locations and to a memory location from the second memory 
locations at the same time (abstract, lines 19-22, column 2, lines 29-50, A return 
address is saved in a first stack and a second stack upon encountering a jump 
routine.), the return address being an address at which program flow is to 



resume after execution of the called function (abstract, lines 19-22, column 2, 

i 

lines 29-50, The return) address is loaded into the program counter such that 

program flow resumes 'after executing a jump instruction.); and 

d. buffer overflow control logic to determine if the return address retrieved 

» 

i 

from the first memory locations matches the return address retrieved from the 
second memory locations, upon execution of the called function to provide 
protection from a buffe'r overflow attack (abstract, column 2, lines 29-50, first 

j 

comparator and secon ( d comparator). 

i 

17. Referring to claim 14, Lee has taught the system of claim 13, as described 

above, and wherein the memory management logic, the function call logic, and the 

i 

buffer overflow control logic comprise microcode stored within the processor (column 5, 
lines 39-41). 



Best Available Copy 
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1 8. Referring to claim 1 5, Lee has taught a computer readable medium having stored 

i 

thereon a sequence of instructions which when executed by a processor, cause the 
processor to perform a method comprising: 

r 

a. encountering a function call instruction that calls a called function during 
program execution (abstract, column 2, lines 29-50, jump routine); 



b. saving a return address in a first stack and in a second stack at the same 

i 

time (abstract, lines 19-j22, column 2, lines 29-50, A return address is saved in a 

i 

first stack and a second stack upon encountering a jump routine.), the return 

address containing an instruction to be executed after execution of the called 

i 

function (abstract, lines 19-22, column 2, lines 29-50, The return address is . 

i 

loaded into the program counter such that program flow resumes after executing 
a jump instruction.); 

c. executing the called function (abstract, column 2, lines 29-50, A jump to 

subroutine is executed!); and 

i 

d. determining if the return address stored in the first stack matches the 

i 

return address stored in the second stack to provide protection from a buffer 

i 

overflow attack (abstract, column 2, lines 29-50, first comparator and second 

i 

comparator). ! 
1 9. Referring to claim 1 6, Lee has taught the computer readable medium of claim 1 5, 
as described above, and wherein the method further comprises generating an exception 
if the return addresses do not match (abstract, column 2, lines 29-50, An interrupt signal 



is generated if the addresses 



are not the same.). 
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20. Referring to claim 17, Lee has taught a computer readable medium having stored 

. 

thereon a sequence of instructions which when executed by a processor, cause the 
processor to perform a method comprising: 



a. processing instructions within a virtual machine (abstract, column 2, lines 

29-50, column 5, lines 39-41 , A software jump/return routine is executed.); 

i 

b. saving a return address in a first stack and in a second stack at the same 
time (abstract, lines 19-22, column 2, lines 29-50, A return address is saved in a 



first stack and a second stack upon encountering a jump routine.), the return 

i 
i 

address being an address at which program execution is to resume after 



execution of a called function (abstract, lines 19-22, column 2, lines 29-50, The 

return address is loaded into the program counter such that program flow 

i 

resumes after executing a jump instruction.); 



c. comparing the return addresses saved in the first and second stack upon 
execution of the called (Function (abstract, column 2, lines 29-50, first comparator 

and second comparator); and 

i 

d. exiting the virtual machine if the return addresses do not match to provide 
protection from a buffer overflow attack (abstract, column 2, lines 29-50, column 
4, line 38-column 5, line 18. column 5, lines 38-41, column 6, lines 59-column 7, 
line 40, The instruction ito move data to the PC register is aborted.). 

21. Referring to claim 18, Lee has taught the computer readable medium of claim 17, 
as described above, and wherein the method further comprises passing control to an 
exception handler (abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18, 



i 
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column 5, lines 38-41, column |6, lines 59-column 7, line 40, An interrupt signal is 



generated if the addresses are not the same to load the PC register with a correct 

j 

value.). 

22. Referring to claim 19, Lpe has taught a computer readable medium having stored 
thereon a sequence of instructions which when executed by a processor, cause the 

processor to perform a methoel comprising: 

I 

a. creating first and second stacks for a program during execution of the 
program (abstract, column 2, lines 29-50, column 4, line 38-column 5, line 18, 
Values for the first and (second stacks are created and pushed on the stacks 

during program execution.); 

i 

b. encountering a function call to a called function (abstract, column 2, lines 
29-50, jump routine); 

c. storing data for the called function and a return address in the first stack 
(abstract, column 2, line 29-column 3, line 15, column 3, line 54-column 4, lines 

i 

26, column 4, line 38-column 5, line 18, first stack); 



d. storing the return address in the second stack at the same time as the first 
stack (abstract, column 2, line 29-column 3, line 15, column 3, line 54-column 4, 

lines 26, column 4, line 38-column 5, line 18, second stack); and 

j 

e. passing control of the program to an exception handler if the return 

i 

address stored in the first stack does not match the return address stored in the 
second stack upon execution of the called function to provide protection from a 



buffer overflow attack 



(abstract, column 2, line 29-column 3, line 15, column 3, 
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line 54-column 4, lines 26, column 4, line 38-column 5, line 18, When the 
addresses do not match an exception is generated.). 

23. Referring to claim 20, Lee has taught the computer readable medium of claim 1 9, 
as described above, and wherein the exception handler determines if the return address 

from the first stack and the return address from the second stack is to be used as a 

i 

value for an instruction pointer (abstract, column 2, lines 29-50, column 4, line 38- 

, 

column 5, line 18. column 5, lines 38-41, column 6, lines 59-column 7, line 40, When the 

i 

values retrieved from both stacks are equal, then the program counter is updated with 
the current return address value, otherwise an exception is generated to pass the 

correct value to the program counter.). 

i 

j Response to Arguments 

i 

24. Applicants arguments with respect to claims 1-20 have been considered but are 

i 

moot in view of the new ground(s) of rejection. 

Conclusion 

25. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 

i 
i 

CFR 1.136(a). j 

i 
j 

26. A shortened statutory period for reply to this final action is set to expire THREE 

| 

MONTHS from the mailing date of this action. In the event a first reply is filed within 

i 

TWO MONTHS of the mailinj date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 

* 

extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no eveht, however, will the statutory period for reply expire later 



than SIX MONTHS from the date of this final action. 



27. Any inquiry concerning this communication or earlier communications from the 

i 

i 

examiner should be directed to Tonia L. Meonske whose telephone number is (571) 
272-4170. The examiner can normally be reached on Monday-Friday with first Friday's 



off. 



28. If attempts to reach the jexaminer by telephone are unsuccessful, the examiner's 

■ 

supervisor, Donald Sparks can be reached on (571) 272-4201. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

29. Information regarding the status of an application may be obtained from the 



Patent Application Information 
published applications may be 



Retrieval (PAIR) system. Status information for 

# 

obtained from either Private PAIR or Public PAIR. 



Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 



you have questions on access 



to the Private PAIR system, contact the Electronic 



Business Center (EBC) at 866^217-9197 (toll-free). If you would like assistance from a 

i 

i 

USPTO Customer Service Representative or access to the automated information 



system, call 800-786-9199 (IN 



USA OR CANADA) or 571-272-1000. 
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